class PermissionsController < ApplicationController
  
  before_filter :require_user
  
  # GET /permissions
  # GET /permissions.xml
  def index
    
    #@permissions = Permission.all
    @search = Permission.search(params[:search])
    @search.meta_sort ||= 'code.asc'
    @permissions = @search.paginate(:per_page => 10,:page => params[:page])


    respond_to do |format|
      format.html # index.html.erb
      format.xml  { render :xml => @permissions }
    end
  end

  # GET /permissions/1
  # GET /permissions/1.xml
  def show
    @permission = Permission.find(params[:id])
    @read_only = true
    respond_to do |format|
      format.html # show.html.erb
      format.xml  { render :xml => @permission }
    end
  end

  # GET /permissions/new
  # GET /permissions/new.xml
  def new
    authorize! :create, Permission
    @permission = Permission.new
    @read_only = false
    respond_to do |format|
      format.html # new.html.erb
      format.xml  { render :xml => @permission }
    end
  end

  # GET /permissions/1/edit
  def edit
    authorize! :update, Permission
    @permission = Permission.find(params[:id])
    @read_only = false
  end

  # POST /permissions
  # POST /permissions.xml
  def create
    authorize! :create, Permission
    @permission = Permission.new(params[:permission])
    @permission.user_log = current_user.login
    respond_to do |format|
      if @permission.save
        format.html { redirect_to(@permission, :notice => 'Permission was successfully created.') }
        format.xml  { render :xml => @permission, :status => :created, :location => @permission }
      else
        format.html { render :action => "new" }
        format.xml  { render :xml => @permission.errors, :status => :unprocessable_entity }
      end
    end
  end

  # PUT /permissions/1
  # PUT /permissions/1.xml
  def update
    authorize! :update, Permission
    @permission = Permission.find(params[:id])
    @permission.user_log = current_user.login
    respond_to do |format|
      if @permission.update_attributes(params[:permission])
        format.html { redirect_to(@permission, :notice => 'Permission was successfully updated.') }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @permission.errors, :status => :unprocessable_entity }
      end
    end
  end

  # DELETE /permissions/1
  # DELETE /permissions/1.xml
  def destroy
    authorize! :destroy, Permission
    @permission = Permission.find(params[:id])
    @permission.user_log = current_user.login
    @permission.destroy

    respond_to do |format|
      format.html { redirect_to(permissions_url) }
      format.xml  { head :ok }
    end
  end
end
